wangwei 6 ani în urmă
părinte
comite
e06e84746d

+ 22 - 6
examcloud-core-basic-starter/src/main/java/cn/com/qmth/examcloud/core/basic/starter/config/DefaultWebMvcConfigurerAdapter.java

@@ -1,5 +1,6 @@
 package cn.com.qmth.examcloud.core.basic.starter.config;
 
+import java.util.Collections;
 import java.util.List;
 
 import org.apache.commons.collections.CollectionUtils;
@@ -12,12 +13,14 @@ import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter
 
 import cn.com.qmth.examcloud.commons.base.util.PathUtil;
 import cn.com.qmth.examcloud.commons.base.util.PropertiesUtil;
+import cn.com.qmth.examcloud.commons.base.util.RegExpUtil;
 import cn.com.qmth.examcloud.commons.web.interceptor.FirstInterceptor;
 import cn.com.qmth.examcloud.commons.web.redis.RedisClient;
 import cn.com.qmth.examcloud.commons.web.security.RequestPermissionInterceptor;
 import cn.com.qmth.examcloud.commons.web.security.SpringCloudInterceptor;
 import cn.com.qmth.examcloud.commons.web.security.bean.Role;
 import cn.com.qmth.examcloud.commons.web.security.bean.User;
+import cn.com.qmth.examcloud.commons.web.security.enums.RoleMeta;
 
 /**
  * 默认WebMvcConfigurer
@@ -58,21 +61,34 @@ public class DefaultWebMvcConfigurerAdapter extends WebMvcConfigurerAdapter {
 			@Override
 			public boolean hasPermission(String mappingPath, User user) {
 				List<Role> roleList = user.getRoleList();
+
 				if (CollectionUtils.isEmpty(roleList)) {
 					return false;
 				}
 
-				String roles = PropertiesUtil.getString(mappingPath);
-				if (StringUtils.isBlank(roles)) {
+				for (Role role : roleList) {
+					if (role.getRoleCode().equals(RoleMeta.SUPER_ADMIN.name())) {
+						return true;
+					}
+				}
+
+				String privileges = PropertiesUtil.getString(mappingPath);
+				if (StringUtils.isBlank(privileges)) {
 					return true;
 				}
 
-				roles = "," + roles + ",";
+				List<String> privilegeList = RegExpUtil.findAll(privileges, "\\w+");
 
+				Long rootOrgId = user.getRootOrgId();
 				for (Role role : roleList) {
-					if (roles.contains("," + role.getRoleCode() + ",")) {
-						return true;
-					}
+					String key = "$_P_" + rootOrgId + "_" + role.getRoleId();
+					String rolePrivileges = redisClient.get(key, String.class);
+
+					List<String> rolePrivilegeList = RegExpUtil.findAll(rolePrivileges, "\\w+");
+
+					boolean disjoint = Collections.disjoint(privilegeList, rolePrivilegeList);
+
+					return !disjoint;
 				}
 
 				return false;
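Review bot: The `return !disjoint;` inside the second `for (Role role : roleList)` loop exits on the first role, so a user whose matching privilege sits on a later role is denied and the remaining roles are never evaluated. Return only on a match, `if (!Collections.disjoint(privilegeList, rolePrivilegeList)) { return true; }`, and let the existing `return false;` after the loop cover the no-match case. `redisClient.get(key, String.class)` presumably yields null when the `$_P_...` key is missing or expired, and whether `RegExpUtil.findAll` accepts null is not visible here, so a guard such as `if (StringUtils.isBlank(rolePrivileges)) { continue; }` before it would keep a cache miss from surfacing as an exception in the permission check. Separately, a blank property for `mappingPath` still returns true, so any endpoint without a configured privilege list is allowed for every user holding at least one role; it is worth confirming that allow-by-default is intended now that the check is privilege-based. The closing brace of `hasPermission` lies outside the hunk.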